Donald Kossmann (Microsoft)

Confidentiality à la Carte with Cipherbase

Thursday, March 9th 2017, as part of the conference dinner (IBM)

Organizations move data and workloads to the cloud because the cloud is cheaper, more agile, and more
secure. Unfortunately, the cloud is not perfect and there are some fundamental tradeoffs that need to
be made in the cloud. The Cipherbase project studies the tradeoffs between confidentiality and
functionality that arise when state-of-the-art cryptography is combined with databases in the cloud:
The more operations that are supported on encrypted data, the more information that can be leaked
unintentionally. There has been a great deal of work studying these tradeoffs in the specific context
of property-preserving encryption techniques. For instance, deterministic encryption can support
equality predicates directly over encrypted data, but it is also vulnerable to inference attacks.
This talk discusses the tradeoffs that arise in a more general context when trusted computing
platforms such as FPGAs or Intel SGX technology are used to process encrypted data.

Guy Lohman (IBM, retired)

Query Optimization – Are We There Yet?

Friday, March 10th 2017, 11:30 - 12:30 (V38.04)

After nearly 4 decades and hundreds of scientific papers, relational query optimization can hardly be
characterized as anything but a huge scientific and commercial success. The market in 2016 for
relational database products was estimated by IDC to be about $40B, out of a total database market of
$45.1B. And SQL still dominates database application development and is widely recognized as the most
successful declarative language. None of this would have been possible without the success of query
optimization, which transforms declarative SQL statements of what data the user needs into an
“optimal” execution plan, i.e., a detailed, procedural specification for how that data
will be accessed and processed.

So are we “there” yet? Are we done? Are all the big and interesting problems solved? Is query
optimization as an area of scienti c inquiry dead, relegated to incremental improvements and mere
engineering? Why do we continue see so many papers on query optimization?

In this talk, I argue that current research appears to be incremental because we are largely attacking
the wrong problems while ignoring much harder and more significant problems. We are solving the
problems we know how to solve, not the problems that need solving.